imap-login: proxy: Fix STARTTLS failure message

The error message blindly skipped over 3 bytes after the tagged "S " reply.
This was okay if the reply was "NO", but wrong if the reply was "BAD". Also
nothing really guarantees that a broken server couldn't have just returned
a truncated "S " string, in which case the error would point to garbage.

diff --git a/src/imap-login/imap-proxy.c b/src/imap-login/imap-proxy.c
index 75f874e9b30ffaf14746a51e23afd6fe7a8f0539..042b24a76f3d78030fe3882c1a7f767f6756532f 100644 (file)
--- a/src/imap-login/imap-proxy.c
+++ b/src/imap-login/imap-proxy.c
@@ -367,7 +367,7 @@ int imap_proxy_parse_line(struct client *client, const char *line)
                        /* STARTTLS failed */
                        const char *reason = t_strdup_printf(
                                "STARTTLS failed: %s",
-                               str_sanitize(line + 5, 160));
+                               str_sanitize(line + 2, 160));
                        login_proxy_failed(client->login_proxy,
                                login_proxy_get_event(client->login_proxy),
                                LOGIN_PROXY_FAILURE_TYPE_REMOTE, reason);